Google is reportedly offering to pay select Android developers for source-code access. Here’s what Play Store developers should check before signing.

Sonar, the leading provider of integrated code quality and code security solutions, is unveiling SonarQube Advanced Security, a significant advancement in code security which will soon be available.

In today’s open-source software environments, businesses need to embrace a new approach to security. In partnership withMicrosoft Azure and AMD The Human Genome Project, SpaceX’s rocket technology, ...

Open-source security is a mess - IBM and Red Hat bet $5 billion and 20,000 engineers can fix it ...

Chainguard Inc., a startup that helps developers ensure the open-source code they use is secure, has raised $356 million in fresh funding. The Series D round comes less than a year after the company’s ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

A cybersecurity company trusted to protect some of the largest networks in the country has itself been breached. Trellix, the endpoint detection and response (EDR) vendor born from the merger of ...

The widespread adoption of open-source and enterprise software has accelerated development velocity but also expanded the attack surface. Among the most pressing concerns is the unintentional exposure ...

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers exfiltrated code from around 3,800 of the company’s internal repositories. News of ...

ShiftLeft emerged from stealth mode today with its security software for cloud applications and microservices. The Santa Clara, California-based startup also closed a $9.3 million Series A funding ...

The ease with which developers can integrate third-party open source code has created a security and sustainability crisis, according to a senior executive at edge cloud platform Fastly. Speaking to ...